diff options
| author | Philip Withnall <withnall@endlessm.com> | 2020-06-19 11:54:41 +0100 |
|---|---|---|
| committer | Marc-André Lureau <marcandre.lureau@redhat.com> | 2020-06-25 13:57:35 +0400 |
| commit | dd11160f7fecb6fcda89b61afd76700a54bfe0a7 (patch) | |
| tree | 0ee92c546c541326028a32167c9001e585189311 /fuzzing | |
| parent | d83d68d64c40021be432416f9912ff9e59a337ce (diff) | |
fuzzing: Add fuzz tests for GUri parsing and escaping
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Helps: #110
Diffstat (limited to 'fuzzing')
| -rw-r--r-- | fuzzing/fuzz_uri_escape.c | 29 | ||||
| -rw-r--r-- | fuzzing/fuzz_uri_parse.c | 26 | ||||
| -rw-r--r-- | fuzzing/fuzz_uri_parse_params.c | 20 | ||||
| -rw-r--r-- | fuzzing/meson.build | 3 |
4 files changed, 78 insertions, 0 deletions
diff --git a/fuzzing/fuzz_uri_escape.c b/fuzzing/fuzz_uri_escape.c new file mode 100644 index 000000000..3b3afa734 --- /dev/null +++ b/fuzzing/fuzz_uri_escape.c @@ -0,0 +1,29 @@ +#include "fuzz.h" + +int +LLVMFuzzerTestOneInput (const unsigned char *data, size_t size) +{ + GBytes *unescaped_bytes = NULL; + gchar *escaped_string = NULL; + + fuzz_set_logging_func (); + + if (size > G_MAXSSIZE) + return 0; + + unescaped_bytes = g_uri_unescape_bytes ((const gchar *) data, (gssize) size); + if (unescaped_bytes == NULL) + return 0; + + escaped_string = g_uri_escape_bytes (g_bytes_get_data (unescaped_bytes, NULL), + g_bytes_get_size (unescaped_bytes), + NULL); + g_bytes_unref (unescaped_bytes); + + if (escaped_string == NULL) + return 0; + + g_free (escaped_string); + + return 0; +} diff --git a/fuzzing/fuzz_uri_parse.c b/fuzzing/fuzz_uri_parse.c new file mode 100644 index 000000000..5c2934f1a --- /dev/null +++ b/fuzzing/fuzz_uri_parse.c @@ -0,0 +1,26 @@ +#include "fuzz.h" + +int +LLVMFuzzerTestOneInput (const unsigned char *data, size_t size) +{ + GUri *uri = NULL; + gchar *uri_string = NULL; + const GUriFlags flags = G_URI_FLAGS_NONE; + + fuzz_set_logging_func (); + + /* ignore @size */ + uri = g_uri_parse ((const gchar *) data, flags, NULL); + if (uri == NULL) + return 0; + + uri_string = g_uri_to_string (uri); + g_uri_unref (uri); + + if (uri_string == NULL) + return 0; + + g_free (uri_string); + + return 0; +} diff --git a/fuzzing/fuzz_uri_parse_params.c b/fuzzing/fuzz_uri_parse_params.c new file mode 100644 index 000000000..c075a2d68 --- /dev/null +++ b/fuzzing/fuzz_uri_parse_params.c @@ -0,0 +1,20 @@ +#include "fuzz.h" + +int +LLVMFuzzerTestOneInput (const unsigned char *data, size_t size) +{ + GHashTable *parsed_params = NULL; + + fuzz_set_logging_func (); + + if (size > G_MAXSSIZE) + return 0; + + parsed_params = g_uri_parse_params ((const gchar *) data, (gssize) size, '&', FALSE); + if (parsed_params == NULL) + return 0; + + g_hash_table_unref (parsed_params); + + return 0; +} diff --git a/fuzzing/meson.build b/fuzzing/meson.build index 7fdd8c909..1a591c4b7 100644 --- a/fuzzing/meson.build +++ b/fuzzing/meson.build @@ -2,6 +2,9 @@ fuzz_targets = [ 'fuzz_bookmark', 'fuzz_dbus_message', 'fuzz_key', + 'fuzz_uri_escape', + 'fuzz_uri_parse', + 'fuzz_uri_parse_params', 'fuzz_variant_binary', 'fuzz_variant_text', ] |